[ASM] - Expander - Remediation Confirmation Scan (demisto#27605) (demisto#27780)

* Add command for starting scan.

Add function and error handling for calling the new scan endpoint.
Add function for new command to scan.

* Update rcs get or create endpoint

* Refactor client code to fixture

* Update status code check and error handling

Move error handling and status code checking to RCS start scan to command function
Update start_remediation_confirmation_scan to return full response object

* Refactor Cortex ASM tests & Add success tests for RCS

Reducing imports should speed up tests
Add test cases for RCS start scan
Add results and responses for RCS scan

* Update Cortex ASM integration tests

- Add failure scenario test for starting RCS scan
- Add general 500 waitress error
- Update test data

* Update Cortex ASM integration

- Add error_handler to all requests
- Add new function to handle api errors, "get_api_error"

* Update Cortex ASM integration custom exceptions

* Update tests for Cortex ASM integration

- Add test for getting RCS 200 response scan status for IN_PROGRESS|SUCCESS|FAILED_ERROR|FAILED_TIMEOUT statuses.
- Add test for getting RCS 500 response scan status.
- Add response and results test data.
- Update existing response and results test data names.
- Move test_general_500_error.
- Add missing docstrings.

* Add asm-get-remediation-confirmation-scan-status command to Cortex ASM integration

* Update incorrect raw_responses in Cortex ASM integration

* Update get_remediation_confirmation_scan_status_command context outputs

* Update get_api_error in ASM integration

* Update tests and get_error_api

- Update test_get_remediation_confirmation_scan_status_failure exception and error message.
- Update test_start_remediation_confirmation_failure_codes error message.
- Update get_api_error to check for 'message' in response error json.

* Add ASM RCS playbook and update Detect Service playbook

- Replaced all logic, including NMAP scan from Cortex_ASM_-_Detect_Service with Cortex_ASM_-_Remediation_Confirmation_Scan
- Created new Cortex_ASM_-_Remediation_Confirmation_Scan playbook that starts a scan and polls for scan status
- New PNG files
- Updated ReadMe files

* Update docker image for ASM integration

* Update Pack README

- Add section for Cortex ASM - Remediation Confirmation Scan
- Fix minor grammar

* Update ASM integration (Remove comments)

* Format and Update CortexAttackSurfaceManagement

- Format with Flake8 and Black
- Update output status key for get_remediation_confirmation_scan_status_command
- Update request for start_remediation_confirmation_scan

* Output keys for retrieving status

* Update ASM integration README

* Update functions for scanning and errors

Update get_remediation_confirmation_scan_status_command to use polling.
Update yml with polling and hide_polling_output.
Update get_api_error with 400 and new err_extra, reduced logic to make it simpler.

* Update ASM Alert Playbook

- Remove Detect Service initialize step
- Re-format playbook

* Update Detect Service playbook and remove inputs

* Update ASM RCS playbook

* Update ASM Detect Service playbook

* Add S3 to AWS Enrichment

* Update Cortex ASM integration

- Rename command asm-start-remediation-confirmation-scan from remediation_confirmation_scan
- Add default polling and polling related parameters

* Update Cortex ASM integration

Remove prints and stale comments

* Update unit tests and get_api_error function

- Update expected and raw results test data
- Update unit tests to reflect updated integration
- Remove status code logic from get_api_error function

* Add tests and update get_error_api

- Increase code coverage
- Update doc strings
- Update logic of get_error_api function

* Address linting and formatting

* Deprecate Cortex ASM - SNMP Check

* Add release notes

* Update Cortex ASM integration docker version

* Fix validation errors

* Update Cortex ASM - ASM Alert playbook

* Update get_api_error

Remove Value Error from second exception
Change message of NotFoundError exception

* Update brands on Cortex ASM - RCS playbook

* Address validations and deprecate SNMPDetection

- Update readme
- Update release notes
- Deprecate SNMPDetection
- Remove fromversion from SeviceOwnership.yml (Validation code BC106)

* Update Cortex ASM - ASM Alert with latest

* Update Cortex ASM - ASM Alert png

* Address PR comments.

- Update Cortex ASM - AWS Enrichment readme.
- Fix Cortex ASM - AWS Enrichment typos from versions ago.
- Move Cortex Attack Surface Management down a fromversion

* Update Cortex ASM - ASM Alert

- Update 21 to "What to do if RCS is inconclusive?"
- Update "Service exposure still observable?" conditional

* Address doc review comments and validation

* Update RCS PNG to PR link

* Update release notes

* Undo non-essential file changes

* Fix validation errors.

Co-authored-by: John <[email protected]>
Co-authored-by: RotemAmit <[email protected]>
3 people authored and xsoar-bot committed Jul 26, 2023
1 parent cbca421 commit d1d00c5
Showing 23 changed files with 3,650 additions and 2,538 deletions.
3 changes: 3 additions & 0 deletions Packs/CortexAttackSurfaceManagement/.pack-ignore
Expand Up @@ -38,3 +38,6 @@ PostgreSQL
Mysql
Postgres
ReportHeader
RCS
SNMP
NMAP
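
Review bot: The three entries appended at the end of this hunk (RCS, SNMP, NMAP) are allowlisted as exact upper-case tokens, and for NMAP that locks in a spelling the pack text could normalize instead, since the tool's own name is written Nmap. Consider correcting the wording in the READMEs and release notes and dropping the NMAP line, keeping RCS and SNMP as genuine acronyms. The commit message also says the SNMP check is deprecated and the NMAP scan logic was replaced, so it is worth confirming both words still appear in the shipped docs; otherwise the list keeps accumulating entries alongside the existing Mysql, Postgres and PostgreSQL variants.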